RFKeylogger

Inspiration

The average keylogger program is usually one of two things: a program that sends keypresses over the internet, or a hardware device that intercepts a keyboard and stores keypresses in its internal memory, requiring a penetration tester to go and retrieve the physical device when nobody is at the system being logged, which is extra work for the pentester. There exist hardware keyloggers that have Wi-Fi access, but of course we run into the issue of the internet traffic being seen by internal security teams, which reduces the odds of a successful penetration test. So, we decided to figure out a way that combines the ease of use of a hardware keylogger with the ability to receive data with a low risk of being detected.

What it does

RFKeylogger is a three part system that allows penetration testers to log a computer's keypress data and receive said data over a radio link, to avoid sending suspicious network traffic.

How we built it

RFKeylogger has three crucial parts, as stated before. First, a simple Python program that listens for keypresses using the pynput library, outputting 64 characters at a time over a serial port. The second component is an Arduino Uno connected to a RFM96 LoRa radio transceiver. The Arduino listens for data on its serial port, and outputs said data through the radio. The third and final component is another Arduino Uno, connected to another RFM96 board, as well as a real-time clock for timestamping received keypress data. This Arduino outputs the received keypresses to its own serial port, as well as the time the data was received, and signal strength of the data received. A penetration tester can simply read the information received on a serial terminal.

Challenges we ran into

The hardest part was getting the Python component of the project working, as pynput and pySerial did NOT want to play nice with us at first. But after a good long night of debugging, the bugs were ironed out.

Accomplishments that were proud of

We're personally proud of the fact that we got the Python component of the code talking perfectly to the Arduino, as many Awake chocolates were sacrificed to get the solution we found.

What we learned

We think that we have all learned the true value of working with some new hardware that none of us have ever worked with before, and making a fully functional system. Another important lesson learned: If you're feeling like your code writing skills are on a downwards spiral, get some water and relax for a bit. Trust me, your body and code will thank you.

What's next for RFKeylogger

There's definitely room for miniaturization in RFKeylogger's future. Currently, the electronic components are all prototyped using breadboards, and everything is generally messy looking. We'd like to be able to design a PCB for this system, and a smaller enclosure that looks more like a generic flash drive. We'd also like to add more features to the system, as currently it is very simplistic.

Built With

arduino
fram
lora
python
radiohead
real-time-clock

Submitted to

Hack@CEWIT 2020

Created by

I worked on the main code for the transceivers as well as the assembly and wiring of the parts.

Jared Simmons
HackJWU team member #JWUWorks
I helped debug and test the transceivers.

Donald Finlayson
Johnson and Wales University: Cyber Threat Intellgence and Defense Major
I worked on the keylogger program that sent the key logs via serial to the sender arduino

Alistair Wilson
Senior at Johnson & Wales University studying Cyber Security
I helped debug and test the Python Key logger code and made the thumbnail.

Sabrina Storey
Junior at Johnson & Wales University majoring in Cyber Threat Intelligence and Defense

Updates

Jared Simmons started this project — Feb 16, 2020 12:07 AM EST

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.